package com.archive.api;

import com.utils.DateUtil;
import com.utils.JdbcUtils;

import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.sql.*;
import java.util.Date;

/**
 * 添加实验室档案
 */
@WebServlet(name = "CreateLaboratoryArchive", urlPatterns = {"/CreateLaboratoryArchive"})
public class CreateLaboratoryArchive extends HttpServlet {

    @Override
    protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
        String fileNumber = req.getParameter("fileNumber");   //档案编号
        String fileTitle = req.getParameter("fileTitle");     //档案名称
        String fillingDateStr = req.getParameter("fillingDate");  //填写日期
        Date fillingDate = DateUtil.defaultParse(fillingDateStr);
        String experimentDateStr = req.getParameter("experimentDate");  //实验日期
        Date experimentDate = DateUtil.defaultParse(experimentDateStr);
        String userId = req.getParameter("userId");               //用户编号
        String animalId = req.getParameter("animalId");           //动物编号
        String experimentDataTip = req.getParameter("experimentDataTip");   //信息备注
        String file = req.getParameter("file");           //文件名
        //检查用户是否有添加实验档案的权限
        String id = (String) req.getSession().getAttribute("id");
        Connection queryConn = JdbcUtils.getCon();
        PreparedStatement queryStat = null;
        try {
            String querySql = "select UserSystemPermission from animalfile09_systemuser where UserID = ?";
            queryStat = queryConn.prepareStatement(querySql);
            queryStat.setString(1, id);
            ResultSet rs = queryStat.executeQuery();
            if (rs.next()) {
                String userSystemPermission = rs.getString("UserSystemPermission");
                if (!"laboratory".equals(userSystemPermission)) {
                    resp.getWriter().println("{\"msg\": \"用户没有laboratory权限\"}");
                    return;
                }
            }
        } catch (SQLException e) {
            e.printStackTrace();
        } finally {
            JdbcUtils.close2(queryConn, queryStat);
        }

        Connection con = JdbcUtils.getCon();
        PreparedStatement stat = null;
        try {
            String sql = "insert into animalfile09_laboratoryarchive (FileNumber, FileTitle, FillingDate, ExperimentDate," +
                    " UserID, AnimalID, FileState,ExperimentDataTip, FileName) values (?, ?, ?, ?, ?, ?, ?,?,?);";
            stat = con.prepareStatement(sql);
            stat.setString(1, fileNumber);
            stat.setString(2, fileTitle);
            stat.setTimestamp(3, new Timestamp(fillingDate.getTime()));
            stat.setTimestamp(4, new Timestamp(experimentDate.getTime()));
            stat.setString(5, userId);
            stat.setString(6, animalId);
            stat.setString(7, "未审核");
            stat.setString(8, experimentDataTip);
            stat.setString(9, file);
            stat.executeUpdate();
        } catch (SQLException e) {
            e.printStackTrace();
            System.out.println("操作错误！！！");
            resp.getWriter().println(e.getMessage());
            return;
        } finally {
            JdbcUtils.close2(con, stat);
        }
        resp.setContentType("application/json;charset=utf-8");
        resp.getWriter().println("{\"msg\": \"OK\"}");
    }
}
